Linux Kernel Out-of-Bounds Read Vulnerability in DRM/DP Handling

Vulnerability

A vulnerability in the Linux kernel's Direct Rendering Manager (DRM) and DisplayPort (DP) handling has been addressed. The issue was an out-of-bounds (OOB) read caused by the link_status array being too small to properly read the Adjust Request Post Cursor2 register. This flaw was identified with a compiler warning about array bounds. The vulnerability arose in the 'drm_dp_get_adjust_request_post_cursor' function within the 'drm_dp_helper.c' file, where an array subscript accessed data outside the array's defined limits. The vulnerability has been fixed by replacing the common helper function with an open-coded fetch and decode, similar to existing practices in the AMD display driver.

Impact

Exploitation of this vulnerability could lead to out-of-bounds read, potentially allowing for information disclosure or memory corruption.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel Out-of-Bounds Read Vulnerability in DRM/DP Handling

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating